Examples with JaxbUser org.opencastproject.security.api.JaxbUser used on opensource projects

Example 21 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testUserSwitchingToAdminForbidden.

@Test
public void testUserSwitchingToAdminForbidden() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    EasyMock.replay(securityService);
    User defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_SUDO_ROLE, new DefaultOrganization()));
    userResponder.setResponse(defaultUser);
    switchingUserResponder.setResponse(defaultUser);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.USER_HEADER)).andReturn("admin").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    response.sendError(EasyMock.anyInt());
    EasyMock.expectLastCall().times(1);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(response);
}

Example 22 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testUserSwitching.

@Test
public void testUserSwitching() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    securityService.setUser(EasyMock.anyObject(User.class));
    EasyMock.expectLastCall().times(2);
    EasyMock.replay(securityService);
    User defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_SUDO_ROLE, new DefaultOrganization()));
    userResponder.setResponse(defaultUser);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.USER_HEADER)).andReturn("joe").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(securityService);
}

Example 23 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class ThemesServiceDatabaseTest method testStoreUpdateAndDelete.

@Test
public void testStoreUpdateAndDelete() throws Exception {
    JaxbOrganization org = new DefaultOrganization();
    JaxbUser creator = new JaxbUser("admin", "test", org);
    Theme theme = new Theme(Option.<Long>none(), new Date(), true, creator, "New");
    Theme updateTheme = themesDatabase.updateTheme(theme);
    Assert.assertEquals("New", updateTheme.getName());
    Assert.assertEquals(1, themesDatabase.countThemes());
    theme = new Theme(updateTheme.getId(), new Date(), true, creator, "Updated");
    updateTheme = themesDatabase.updateTheme(theme);
    Assert.assertEquals("Updated", updateTheme.getName());
    Assert.assertEquals(1, themesDatabase.countThemes());
    try {
        theme = themesDatabase.getTheme(updateTheme.getId().get());
        Assert.assertNotNull(theme);
    } catch (NotFoundException e) {
        Assert.fail("Existing theme has not been found");
    }
    themesDatabase.deleteTheme(updateTheme.getId().get());
    Assert.assertEquals(0, themesDatabase.countThemes());
    try {
        themesDatabase.getTheme(updateTheme.getId().get());
        Assert.fail("Deleted theme has been found");
    } catch (NotFoundException e) {
        Assert.assertNotNull(e);
    }
}

Example 24 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class ThemesServiceDatabaseTest method setUp.

/**
 * @throws java.lang.Exception
 */
@Before
public void setUp() throws Exception {
    // Mock up a security service
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    User user = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, new DefaultOrganization()));
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
    EasyMock.replay(securityService);
    UserDirectoryService userDirectoryService = EasyMock.createNiceMock(UserDirectoryService.class);
    EasyMock.expect(userDirectoryService.loadUser(EasyMock.anyString())).andReturn(user).anyTimes();
    EasyMock.replay(userDirectoryService);
    MessageSender messageSender = EasyMock.createNiceMock(MessageSender.class);
    messageSender.sendObjectMessage(EasyMock.anyObject(String.class), EasyMock.anyObject(MessageSender.DestinationType.class), EasyMock.anyObject(Serializable.class));
    EasyMock.expectLastCall().anyTimes();
    EasyMock.replay(messageSender);
    themesDatabase = new ThemesServiceDatabaseImpl();
    themesDatabase.setEntityManagerFactory(newTestEntityManagerFactory(ThemesServiceDatabaseImpl.PERSISTENCE_UNIT));
    themesDatabase.setSecurityService(securityService);
    themesDatabase.setUserDirectoryService(userDirectoryService);
    themesDatabase.setMessageSender(messageSender);
    themesDatabase.activate(null);
}

Example 25 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class CaptureAgentStateServiceImplTest method testAgentVisibility.

@Test
public void testAgentVisibility() throws Exception {
    // Create a new capture agent called "visibility"
    String agentName = "visibility";
    service.setAgentState(agentName, IDLE);
    // Ensure we can see it
    assertEquals(1, service.getKnownAgents().size());
    // Set the roles allowed to use this agent
    Set<String> roles = new HashSet<>();
    roles.add("a_role_we_do_not_have");
    AgentImpl agent = (AgentImpl) service.getAgent(agentName);
    agent.setSchedulerRoles(roles);
    service.updateAgentInDatabase(agent);
    // Since we are an organizational admin, we should still see the agent
    assertEquals(1, service.getKnownAgents().size());
    // Use a security service that identifies us as a non-administrative user
    DefaultOrganization organization = new DefaultOrganization();
    HashSet<JaxbRole> roleSet = new HashSet<>();
    roleSet.add(new JaxbRole("ROLE_NOT_ADMIN", organization, ""));
    User user = new JaxbUser("testuser", "test", organization, roleSet);
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.replay(securityService);
    service.setSecurityService(securityService);
    // Ensure we can no longer see the agent, since we don't have an administrative role
    assertEquals(0, service.getKnownAgents().size());
// TODO: Do we need to enforce access strictly? If someone asks for an agent by name, but they do not have the
// appropriate scheduler role, should we throw UnauthorizedException?
}